package com.sa.interceptor;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;

import com.sa.commons.constant.HttpSessionKey;
import com.sa.commons.web.mvc.exception.AccessDeniedEception;
import com.sa.commons.web.mvc.exception.NoLoginException;
import com.sa.module.uif.pojo.Users;

public class AuthInterceptorAA implements HandlerInterceptor {

	private static Log log = LogFactory.getLog(AuthInterceptorAA.class);

	public void afterCompletion(HttpServletRequest arg0,
			HttpServletResponse arg1, Object arg2, Exception arg3)
			throws Exception {
		// TODO Auto-generated method stub

	}

	public void postHandle(HttpServletRequest arg0, HttpServletResponse arg1,
			Object arg2, ModelAndView arg3) throws Exception {
		log.info("身份验证结束");

	}

	public boolean preHandle(HttpServletRequest arg0, HttpServletResponse arg1,
			Object arg2) throws Exception {
		log.info("进入身份验证");
		String path = arg0.getContextPath();
		String url = arg0.getRequestURI();
		if (url.equalsIgnoreCase(path + "/lr/reg.xhtm")) {
			return true;
		} else if (url.equalsIgnoreCase(path + "/lr/login.xhtm")) {
			return true;
		}
		else {
			HttpSession session = arg0.getSession();
			Object user = session.getAttribute(HttpSessionKey.USER_KEY);
			if (user == null) {
				log.debug("session 中用户为");
				throw new NoLoginException();
			} else if (user instanceof Users) {
				return true;
			} else {
				throw new AccessDeniedEception();
			}
		}
	}

}
